diff --git a/config/config.go b/config/config.go
index 125192a..0a8e1ee 100644
--- a/config/config.go
+++ b/config/config.go
@@ -83,13 +83,23 @@ func (self *Config) RunWizard() {
 self.UploadMaxMB = ensureNumberOption(&inputBuf)
 fmt.Printf("Encryption secret for admin invite codes? ")
- ensureNonEmptyOption(&inputBuf)
+ ensure32BytePassphrase(&inputBuf)
 self.RegistrationSecret = inputBuf
 fmt.Printf("Configuration complete!\n")
 self.Write()
 }
+func ensure32BytePassphrase(buffer *string) {
+ for {
+ fmt.Scanln(buffer)
+ if len([]byte(strings.TrimSpace(*buffer))) == 32 {
+ break
+ }
+ fmt.Println("Please enter a 32-byte string")
+ }
+}
+
 func ensureNonEmptyOption(buffer *string) {
 for {
 fmt.Scanln(buffer)
diff --git a/register/register.go b/register/register.go
index 4a4faa5..70f4e2e 100644
--- a/register/register.go
+++ b/register/register.go
@@ -4,17 +4,16 @@ import (
 "crypto/aes"
 "crypto/cipher"
 "encoding/hex"
+ "fmt"
 "html/template"
 "net/http"
- "time"
 "strconv"
- "fmt"
-
+ "time"
 "hacklab.nilfm.cc/quartzgun/auth"
 "hacklab.nilfm.cc/quartzgun/renderer"
 "hacklab.nilfm.cc/quartzgun/router"
- "hacklab.nilfm.cc/quartzgun/util"
+ "hacklab.nilfm.cc/quartzgun/util"
 )
 type SymmetricCrypto interface {
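Review bot: `ensure32BytePassphrase` discards the result of `fmt.Scanln(buffer)`, so once stdin is closed the call fails on every iteration and the loop prints the prompt forever; check the error, e.g. `if _, err := fmt.Scanln(buffer); err != nil { ... }`, and stop on `io.EOF`. The 32-byte length presumably exists because the value reaches `aes.NewCipher([]byte(self.Secret))` in register.go unchanged; a typed 32-character string carries far less entropy than a random AES-256 key, so consider generating the secret with `crypto/rand` in the wizard or deriving the key from the passphrase with a KDF. config.go's import block is not part of this hunk, so confirm `strings` is imported there.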
@@ -29,20 +28,20 @@ type SymmetricCrypt struct {
 Secret string
 }
-var iv []byte = []byte {107, 53, 46, 249, 52, 70, 36, 185,
- 168, 139, 144, 249, 242, 2, 125, 183 }
+var iv []byte = []byte{107, 53, 46, 249, 52, 70, 36, 185,
+ 168, 139, 144, 249, 242, 2, 125, 183}
 func (self *SymmetricCrypt) IsValid(cipher string) bool {
- stringTimestamp, err := self.Decrypt(cipher)
- if err != nil {
- return false
- }
- int64Timestamp, err := strconv.ParseInt(stringTimestamp, 10, 64)
- if err != nil {
- return false
- }
- then := time.UnixMicro(int64Timestamp)
- return time.Since(then).Minutes() <= 15
+ stringTimestamp, err := self.Decrypt(cipher)
+ if err != nil {
+ return false
+ }
+ int64Timestamp, err := strconv.ParseInt(stringTimestamp, 10, 64)
+ if err != nil {
+ return false
+ }
+ then := time.UnixMicro(int64Timestamp)
+ return time.Since(then).Minutes() <= 15
 }
 func (self *SymmetricCrypt) Encode(b []byte) string {
@@ -58,7 +57,7 @@ func (self *SymmetricCrypt) Decode(s string) []byte {
 }
 func (self *SymmetricCrypt) Encrypt(text string) (string, error) {
- fmt.Println(text)
+ fmt.Println(text)
 block, err := aes.NewCipher([]byte(self.Secret))
 if err != nil {
 return "", err
@@ -84,7 +83,7 @@ func (self *SymmetricCrypt) Decrypt(text string) (string, error) {
 func WithCrypto(next http.Handler, crypto SymmetricCrypto) http.Handler {
 handlerFunc := func(w http.ResponseWriter, req *http.Request) {
- util.AddContextValue(req, "crypto", crypto);
+ util.AddContextValue(req, "crypto", crypto)
 next.ServeHTTP(w, req)
 }
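Review bot: `IsValid` bounds the token age only from above: `time.Since(then).Minutes() <= 15` is also true for a timestamp in the future, so a decrypted value dated ahead of the server clock never expires; bound both sides, e.g. `age := time.Since(then)` followed by `return age >= 0 && age <= 15*time.Minute`. The package-level `iv` above it is a fixed constant, and although the cipher mode is outside this hunk, if Encrypt and Decrypt use it then every invite code is encrypted under the same key and IV. Nothing visible here authenticates the ciphertext before the result is parsed as a timestamp. A random per-message nonce with an AEAD mode such as `cipher.NewGCM` would cover both points. The commit only reformats these lines; IsValid is shown in full, the use of `iv` is not.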
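Review bot: The re-indented `fmt.Println(text)` at the top of `Encrypt` looks like leftover debug output: it writes every plaintext to the server's stdout before encryption, where it can end up in logs. Drop the line, and the `"fmt"` import with it if nothing else in register.go uses it. The rest of Encrypt's body is outside the hunk.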
@@ -93,15 +92,15 @@ func WithCrypto(next http.Handler, crypto SymmetricCrypto) http.Handler {
 func WithUserStoreAndCrypto(next http.Handler, udb auth.UserStore, crypto SymmetricCrypto) http.Handler {
 handlerFunc := func(w http.ResponseWriter, req *http.Request) {
- urlParams := req.Context().Value("params").(map[string]string)
- success := false
- cipher := urlParams["cipher"]
- username := req.FormValue("username")
- password := req.FormValue("password")
- if crypto.IsValid(cipher) && len(username) > 0 && len(password) > 0 {
- success = udb.AddUser(username, password) == nil
- }
- util.AddContextValue(req, "success", success);
+ urlParams := req.Context().Value("params").(map[string]string)
+ success := false
+ cipher := urlParams["cipher"]
+ username := req.FormValue("username")
+ password := req.FormValue("password")
+ if crypto.IsValid(cipher) && len(username) > 0 && len(password) > 0 {
+ success = udb.AddUser(username, password) == nil
+ }
+ util.AddContextValue(req, "success", success)
 next.ServeHTTP(w, req)
 }